Joined January 2008
Vagelis retweeted
May 20
1/ To prevent supply chain attacks following the pattern of Mini Shai Hulud, we invalidated npm granular access tokens with write access that bypass 2FA. Update the stored token and rerun the workflow for your automations.
Vagelis retweeted
May 19
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
One funny contrast while building the @WP_Notificator ecosystem was constantly switching between embedded firmware work and modern mobile app development. Especially while writing the new Matter firmware for the ESP32-C3. The mindset difference is massive. #ESP32 #Matter #EmbeddedSystems
Working across both worlds simultaneously really changes your perspective on software engineering. Embedded systems force discipline. Modern app development rewards abstraction and velocity. Building both together makes you appreciate each side a lot more. #SoftwareEngineering #IoT #ReactNative #Matter
Feel free to get in touch for access to @WP_Notificator or if you have any questions related to the project.
Vagelis retweeted
Matter landed on the Notificator Project. Turn #WordPress notifications into #Matter actions with our ESP32-C3 OS Matter firmware, Plugin, & Mobile App. Free web installer for compatible ESP32-C3 boards coming soon. Read more: notificator-project.com/blog… #Matter #ESP32 #MQTT #IoT
Vagelis retweeted
These are some of the early Notificator devices now in testing, along with the #WordPress plugin.
Real-time notifications
No distractions
Just signal
Want access? Get in touch.
Just published an intro to the Notificator Project. @WP_Notificator #WordPress plugin Mobile app IoT devices for real-time, scenario-based notifications. Testing is now open. ( The service is better than the video 😂 ) youtube.com/watch?v=RMA0shQC…
Vagelis retweeted
Apr 19
We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems, impacting a limited subset of customers. Please see our security bulletin: vercel.com/kb/bulletin/verce…
Vagelis retweeted
The report aired on the ERT3 news bulletin. If you can, take a little time to watch the video. And if you like, share it. Maybe that way it will reach where it needs to, people who can help (for the man's mobile number, use the inbox).
Vagelis retweeted
Mar 31
🤨 People keep asking how to protect yourself.
#1: set min-release-age=7 in .npmrc
#2: install Socket for GitHub (it's free!) to protect PRs from bad dependencies: socket.dev/features/github
#3: install Socket Firewall (also free!) to protect your laptop: socket.dev/features/firewall
Mar 31
🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest axios@1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise.
This is textbook supply chain installer malware. axios has 100M weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.